An embodiment of the invention provides a mechanism for measuring the performance characteristics of data sent across any communication path configured to carry data between two or more computational devices (e.g., local area networks, wide area network, virtual private networks, wireless networks, or any other type of interconnect mechanism). In a test environment, processing speed is a critical part of producing test equipment that can process network protocol data in real-time. Embodiments of the invention provide network test equipment with a methodology for performing enough lookup processing operations to keep up with the real time frame rates of a gigabit Ethernet network. This is accomplished in accordance with one embodiment of the invention by improving the performance of the connection lookup processor in test devices.

Patent
   6654701
Priority
Aug 30 2001
Filed
Aug 30 2001
Issued
Nov 25 2003
Expiry
Aug 30 2021
Assg.orig
Entity
Large
92
12
all paid
11. A method for measuring the performance of protocol data in a data communication network comprising:
testing the performance of protocol data, said testing comprising:
obtaining protocol data comprising connection data from a data communication network;
performing a polynomial hashing operation on said connection data to produce a hash vector;
searching a hash vector table to determine a location to store said hash vector;
obtaining a stored key from a free list and linking said hash vector into said stored key when said hash vector table is zero; and
searching for said hash vector when said hash vector table is not zero.
35. A method for testing the performance of tcp data in a tcp/IP network comprising:
obtaining tcp data having connection data comprising source data and destination data;
providing said connection data as a hash key to a polynomial hashing operation;
executing said polynomial hashing operation to generate a hash vector;
searching a hash vector table to determine a location to store said hash vector, wherein said searching comprises:
determining if a location associated with said hash vector in said hash vector table is empty; and
obtaining a stored key from a free list and associating said stored key with said location in said hash vector table when said location is empty.
21. A computer program product comprising:
a computer usable medium having computer readable program code for measuring the performance of protocol data in a data communication network comprising embodied therein said computer readable program code configured to:
obtain protocol data comprising connection data from a data communication network;
execute a polynomial hashing operation on said connection data to produce a hash vector;
search a hash vector table to determine a location to store said hash vector;
obtain a stored key from a free list and link said hash vector into said stored key when said hash vector table is zero; and
search for said hash vector when said hash vector table is not zero.
31. A system for testing the performance of tcp data in a data communication network comprising:
a data communication network configured to transport tcp data having source data and destination data;
a testing device comprising a lookup processor, said lookup processor configured to obtain said tcp data from said data communication network and execute a polynomial hashing operation using said source data and said destination data as a hash key to produce a hash vector;
said lookup processor initiating a search of a hash vector table to determine a location to store said hash vector;
said lookup processor determining if a location associated with said hash vector in said hash vector table is empty; and
said lookup processor obtaining a stored key from a free list and associating said stored key with said location in said hash vector table when said location is empty.
1. A testing apparatus for measuring the performance of protocol data in a data communication network comprising:
a testing device comprising a lookup processor;
said lookup processor configured to obtain protocol data from a data communication network;
said protocol data comprising connection data;
said lookup processor performing a polynomial hashing operation using said connection data as a hash key to produce a hash vector;
said lookup processor initiating a search of hash vector values in a hash vector table to determine a location to store said hash key;
wherein said lookup processor is configured to obtain a stored key from a free list and link said hash vector into said stored key when value of said hash vector table is zero; and
wherein said lookup processor is configured to search for said hash vector when said value of said hash vector table is not zero.
2. The testing apparatus of claim 1 wherein said polynomial hashing operation utilizes a polynomial having an order approximately ¼ the size of the number of lookups to be performed by said lookup processor.
3. The testing apparatus of claim 1 wherein said polynomial hashing operation utilizes a polynomial of size 219.
4. The testing apparatus of claim 1 wherein said connection data comprises source data and destination data.
5. The testing apparatus of claim 4 wherein said source data comprises a source address and source port.
6. The testing apparatus of claim 4 wherein said destination data comprises a destination address and destination port.
7. The testing apparatus of claim 1 wherein said hash vector is stored in a location associated with a matching hash vector when said search for said hash vector locates a match.
8. The testing apparatus of claim 1 wherein said hash vector table comprises a chained hash table.
9. The testing apparatus of claim 1 wherein said protocol data comprises tcp data.
10. The testing apparatus of claim 1 wherein said data communication network transports data at at least one gigabit per second.
12. The method of claim 11 wherein said polynomial hashing operation utilizes a polynomial having an order approximately ¼ the size of the number of lookups to be performed by said lookup processor.
13. The method of claim 11 wherein said polynomial hashing operation utilizes a polynomial of size 219.
14. The method of claim 11 wherein said connection data comprises source data and destination data.
15. The method of claim 14 wherein said source data comprises a source address and source port.
16. The method of claim 14 wherein said destination data comprises a destination address and destination port.
17. The method of claim 11 wherein said hash vector is stored in a location associated with a matching hash vector when said search for said hash vector locates a match.
18. The method of claim 11 wherein said hash vector table comprises a chained hash table.
19. The method of claim 11 wherein said protocol data comprises tcp data.
20. The method of claim 11 wherein said data communication network transports data at at least one gigabit.
22. The computer program product of claim 21 wherein said polynomial hashing operation utilizes a polynomial having an order approximately ¼ the size of the number of lookups to be performed by said computer readable program code.
23. The computer program product of claim 21 wherein said polynomial hashing operation utilizes a polynomial of size 219.
24. The computer program product of claim 21 wherein said connection data comprises source data and destination data.
25. The computer program product of claim 24 wherein said source data comprises a source address and source port.
26. The computer program product of claim 24 wherein said destination data comprises a destination address and destination port.
27. The computer program product of claim 21 wherein said hash vector is stored in a location associated with a matching hash vector when said search for said hash vector locates a match.
28. The computer program product of claim 21 wherein said hash vector table comprises a chained hash table.
29. The computer program product of claim 21 wherein said protocol data comprises tcp data.
30. The computer program product of claim 21 wherein said data communication network transports data at at least one gigabit.
32. The system of claim 31 wherein said lookup processor provides a result to a results FIFO.
33. The system of claim 31 further comprising:
said lookup processor searching said hash vector table for said hash vector.
34. The system of claim 31 wherein said polynomial hashing operation utilizes a polynomial having an order approximately ¼ the size of the number of lookups to be performed by said lookup processor.
36. The method of claim 35 further comprising:
searching said hash vector table for said hash vector.
37. The method of claim 35 wherein said polynomial hashing operation utilizes a polynomial having an order ¼ the size of the number of lookups to be performed.

This invention relates to the field of computer technology. More specifically, the invention relates to a method and apparatus for measuring protocol performance in a data communication network.

Portions of the disclosure of this patent document contain material that is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure as it appears in the Patent and Trademark Office file or records, but otherwise reserves all copyrights whatsoever.

In order to transmit data from one computer to another the data may be sent across computer networks. So that each computer connected to the network can send and receive data from other computers on the network, each of the interconnected computers is typically configured to understand one or more common protocols. Each protocol defines a format for encapsulating data and transmitting that data across the network. Protocols designed to send data across packet switched networks (e.g., the Internet) typically divide the data that is to be transmitted into sets of packets. Each packet is then sent through the network to the indicated destination. The path that each packet takes may vary, but in every instance the packet data will be sent through network equipment such as a router, switch, hub, and/or any other type of network node.

The performance of the network is dependent upon how quickly the packet data is transmitted through such network equipment. Modern network equipment is designed to move packet data through the network at rates that exceed the connection speed. If, for example, a router is connected to a Gigabit Ethernet network, that router must be capable of moving data at speeds that do not lead to bottlenecking. If a certain device is not able to operate on the packet data at such rates, the network becomes bottlenecked and the overall data transfer rate associated with the entire network can decrease. Therefore, a constant concern network engineers have is whether, or not, the equipment being connected to the network can adequately handle the data speeds of the network. When the routing hardware is efficient, the network itself is efficient.

To address this concern, network engineers and others responsible for ensuring the network remains efficient use devices that can test the speed of the routers and other such pieces of hardware utilized to control packet flow. Such test devices are generally referred to as network test devices. A problem encountered by such test devices is that to effectively measure the performance of protocol data, the test equipment itself must be able to keep up with the transmission speeds of the routing hardware and the data line. In order to assess the behavior of the network for each of the connections, the test equipment must be able to perform a lookup operation to associate each packet with a particular connection. The test equipment must be able to perform this required connection lookup processing for each packet at any given transmission speed. Current performance testing systems have a limited capacity for performing this connection lookup and for processing protocol data when the network speed exceeds one Gigabit per second.

Thus, there is a need for improving the efficiency of connection lookup operations while placing one or more network devices under test.

An embodiment of the invention provides a mechanism for measuring the performance characteristics of data sent across any communication path configured to carry data between two or more computational devices (e.g., local area networks, wide area network, virtual private networks, wireless networks, or any other type of interconnect mechanism). In a test environment, processing speed is a critical part of producing test equipment that can process network protocol data in real-time. Embodiments of the invention provide network test equipment with a methodology for performing enough lookup processing operations to keep up with the real time frame rates of a gigabit Ethernet network.

This is accomplished in accordance with one embodiment of the invention by improving the performance of the connection lookup processor in test devices. The lookup processor initiates processing when it obtains connection data (e.g., TCP) from a request FIFO. Once the lookup processor receives an incoming datagram containing connection data (e.g., TCP or any other type of datagram to be evaluated), the processor determines a connection index that corresponds to the connection represented by the datagram. Each connection is uniquely identified by the source and destination information associated with the datagram. For instance, each incoming connection may be uniquely identified by examining the source address, destination address, source port, and destination port associated with the connection. Once the connection data is obtained, that data is utilized to perform a lookup operation. During the lookup operation a hashing operation is performed on the connection data and the connection data is associated with an index or hash vector used to find the table of state information for the connection. In accordance with one embodiment of the invention, the lookup operation is performed using an SDRAM memory configured as a chained hash table, using a polynomial hashing algorithm.

Because the lookup processing is performed in a performance measurement system, the hashing algorithm that is selected must be capable of performing enough lookup processing operations to keep up with the frame rates of a Gigabit per second or above Ethernet network. Therefore, the invention contemplates the use of a polynomial hashing algorithm that seeks to distribute the incoming keys as evenly as possible over the range of possible hash function values. The degree of the polynomial used by the hashing algorithm at step 302 is chosen in one embodiment of the invention to give the desired range of hash vectors. Thus, the depth of the linked lists associated with the chained hash table is minimized and the efficiency associated with lookup processing is increased. When the system embodying the invention is configured to handle at least 2 million connections, the chained hash table has an unallocated size capable of storing 2097152 Keys. A suitable hashing polynomial would be 19th degree; this produces 524288 distinct hash vectors.

When polynomial hashing is utilized the key to be hashed (e.g., a 96-bit key) is passed through a polynomial division operation. The remainder from the division operation becomes the value of the hash function utilized for the table lookup. The performance of the hashing algorithm is dependent upon the hashing polynomial that is selected. For instance some polynomials perform better than others. The degree of the polynomial that is selected depends upon how many bits are desired in the hash value itself. For a CRC polynomial of order N, the number of unique hash values possible is 2N. In one embodiment of the invention, the polynomial order is approximately ¼ the size of the number of lookups desired. For example, for 2 million connections the maximum size of the lookup table is 2,097,152 (221) therefore the polynomial that would maximize efficiency in one embodiment of the invention would be a polynomial of size 219. For a polynomial to be utilized in a hash function, the polynomial should be primitive. For degree 19, there are at least 11 primitive polynomials. In one embodiment of the invention polynomial 7 is viewed as the most effective polynomial. However, other polynomial hashing algorithms can be incorporated into embodiments of the invention and utilized during lookup processing.

FIG. 1 illustrates the positioning of a test device configured to determine the performance of one or more network devices in accordance with one embodiment of the invention.

FIG. 2a comprises a high-level block diagram illustrating the components of the protocol engine utilized in accordance with one embodiment of the invention to evaluate message data.

FIG. 2b illustrates the components of lookup processor 254 in accordance with one embodiment of the invention.

FIG. 3 illustrates the specific operational characteristics of lookup processor in accordance with one embodiment of the invention.

FIG. 4 illustrates a more detailed view of the process for optimized hashing in accordance with one embodiment of the invention.

FIG. 5 illustrates a chained hash table utilized in accordance with one embodiment of the invention.

FIG. 6 shows representation of the hash memory structure when it is initialized in accordance with one embodiment of the invention.

A method and apparatus for testing protocol performance in a data communication network is described. In the following description numerous specific details are set forth in order to provide a more thorough understanding of the present invention. It will be apparent, however, to one skilled in the art, that the present invention may be practiced without these specific details. In other instances, well-known features have not been described in detail so as not to obscure the invention.

System Overview

An embodiment of the invention provides a mechanism for measuring and/or testing the performance characteristics of data sent across any communication path configured to carry data between two or more computational devices (e.g., local area networks, wide area network, virtual private networks, wireless networks, or any other type of interconnect mechanism). In a test environment, processing speed is a critical part of producing test equipment that can process network protocol data in real-time. Embodiments of the invention provide network test equipment with a methodology for performing enough lookup processing operations to keep up with the real time frame rates of a gigabit Ethernet network. However, the invention also has applicability in other network environments and is not limited solely to gigabit Ethernet networks.

In one embodiment the mechanism for measuring performance characteristics data is configured to test the performance of data sent using one or more standard protocols. For instance, the system may determine the performance of data associated with a protocol connection such as a TCP connection. TCP is utilized herein as an example of the type of data embodiments of the invention may operate on. However, the methodologies described herein are also applicable to other types of network communication protocols. The reader should also note that embodiments of the invention may be implemented in hardware and/or software form. For instance, the invention may be incorporated into a computer program product or be embedded into one or more portions of a hardware apparatus.

When protocol data is transmitted across a network, the protocol data is routed through one or more intermediate nodes. For example, data sent from one network to another may be transmitted through multiple routers, switches, hubs, and other sorts of network nodes or computational devices. Embodiments of the invention provide a mechanism for analyzing the performance of devices utilized to move protocol data through the network. For instance, referring now to FIG. 1, a test device configured to determine the performance of one or more network devices is shown. Test device 100 may be inserted into network 102 to determine how well one or more network devices (e.g. 104, 103, or 106) function. Test device 100 comprises protocol engine 101. In one embodiment of the invention protocol engine 101 is configured to efficiently establish a large number of connections through the device under test (e.g., network device 104). Protocol engine 101 may establish connections back to more test devices (e.g., 108) or back to the device under test. Test device 100 may, for example, optionally link back to network device 104 or link to network device 106. In some instances test device 100 is coupled directly to additional test equipment (e.g., test device 108) and configured to measure additional performance characteristics generally associated with network 102.

When network 102 is a high-speed network (e.g., 1 gigabit+Ethernet), protocol engine 101 (which may processes TCP and other types of data) in test device 100 can efficiently perform a large number (e.g., millions) of connection lookup operations. Thus, embodiments of the invention provide a mechanism for improving the efficiency of connection lookup operations while placing one or more network devices under test. For instance in an embodiment of the invention targeted to Gigabit+Ethernet, a lookup processor, configured in accordance with the invention and having access to SDRAM memory with 8 MDwords, can perform lookup processing of up to 2 Mconnections, at full line rate of 1.488 Mconnections per second. For example, when the minimum Ethernet frame has a size of 64 bytes, plus an 8-byte preamble (72 bytes total), the time required to transmit this frame at the link clock rate, plus the minimum inter-frame gap, typically determines the minimum interval between successive worst case frames. If, for example, the link transfers data across the link at a byte rate of 125 MHz, and has a minimum inter-frame gap of 96 nanoseconds. The time for transmitting is typically 72/(125×106)=576×10-9=576 nanoseconds. The minimum interval between worst case frames is then 576+96=672 nanoseconds. Thus, in a worst case scenario the lookup processor embodying the invention can perform a connection index lookup within 672 nanoseconds. The reader should note that the exact number of connections, the system may process, can increase or decrease depending upon the environmental characteristics in which the lookup processor is operating within. Thus, the invention may function quicker or slower than the example provided herein. The invention may be implemented in other types of networks that have other characteristics and therefore perform lookup processing operations at varying speeds.

FIG. 2a comprises a high-level block diagram illustrating the components of the Protocol engine (e.g., TCP engine) utilized in accordance with one embodiment of the invention to evaluate TCP message data. Protocol engine 249 obtains protocol message data from one or more network devices under test (e.g., 104) and passes the protocol message data 250 to request FIFO 252. Request FIFO 252 then queues the message data for processing by hasher 253. Hasher 253 operates on message data 250 to efficiently prepare the data for processing by lookup processor 254. The specific operations performed by hasher 253 are described in further detail below. Hasher 253 and lookup processor 254 utilize data held in memory 255 during connection lookup processing. For example, the hasher receives the lookup key and produces the hash value from it, and the lookup processor uses the hash value for accessing the memory. Once processing is complete the results are output to results FIFO 256. Hasher 253 enables lookup processor 254 to evaluate the protocol message data 250 in an efficient manner that improves upon the prior art techniques for testing protocol performance.

Connection Lookup Processing

FIG. 2b illustrates the processor logic of lookup processor 254 in accordance with one embodiment of the invention. Lookup processor 254 may contain various components that aid in the generation of a connection index. For instance, in one embodiment of the invention lookup processor 254 comprises a hash key-formatting module 277 configured to handle initial formatting and processing of the hash key in accordance with the technique describe in further detail below. For instance, hash-key formatting module 277 may obtain protocol connection data from FIFOs 276 and 275 and provide that data to polynomial hash vector generation module 278 which generates a hash vector using the connection data. Hash key and stored key comparison module 279 is configured to handle any hash vector collisions that occur.

Upon generation of a hash vector, memory address generator 280 obtains a memory address for examination of stored keys associated with the hash vector within the lookup memory 286. If the content of the hash vector memory location is zero, then this hash vector has not previously been seen. In that case, the formatted hash key is written into a free stored key area within the memory, and the hash vector that contained zero is written with the address of that stored key area. If the content of the hash vector memory location is non-zero, then this hash vector has been previously seen, and the hash vector points to a linked list of stored keys associated with that hash vector. The lookup sequence and control logic 281 along with the hash key and stored key comparison 279 function to search the linked list for an entry whose stored key matches the incoming hash key. When processing is complete, the result (a value encoded from the memory address of the matching or newly added stored key) is passed to the results FIFO 282.

FIG. 3 illustrates the specific operational characteristics of lookup processor 254 in accordance with one embodiment of the invention. Lookup processor 254 initiates processing when it obtains protocol connection data from the request FIFO (e.g., at step 300). When lookup processor 254 receives an incoming datagram (e.g., TCP or any other type of datagram to be evaluated), the processor determines a connection index that corresponds to the connection represented by the datagram. Each connection is uniquely identified by the source and destination information associated with the datagram. For instance, each incoming connection may be uniquely identified by examining the source address, destination address, source port, and destination port associated with the connection. For instance, the following information uniquely identifies a TCP connection:

Source IP Address 32 bits for IPv4 128 for IP6
Source Port 16 bits
Destination IP Address 32 bits for IPv4 128 bits for IP6
Destination Port 16 bits

Data utilized for such purposes may vary in size depending upon the protocol that data conforms with and the system incorporating aspects of the invention is designed so that it may be adapted for use with future and past data communication protocols.

Once the connection data is obtained, that data is utilized to perform a lookup operation. During the lookup operation a hashing operation is performed on the connection data (e.g., at step 302) and the connection data is associated with an index or hash vector used to find the table (e.g., step 304) of state information for the connection.

Perform Polynomial Hashing

In accordance with one embodiment of the invention, the lookup operation is performed using an SDRAM memory configured as a chained hash table, using a polynomial hashing algorithm. The invention is not limited solely to polynomial hashing algorithms, however polynomial hashing is used in accordance with one embodiment of the invention as it provides a hardware-efficient and extensible means for generating a hash vector from an arbitrary input key. The invention also contemplates the use of other forms of memory in addition to SDRAM and is not limited to the use of such memory.

Once the connection data is obtained at step 300, that data (which comprises the connection's source address, destination address, a source port, and address port) is used as a hash key. This technique may be utilized to process varying types of protocol connection data. For instance, the size of the connection data varies depending upon whether the connection data conforms to the Internet Protocol Version 6 (IPV6) or Internet Protocol Version 4 (IPV4) standard. In the case of IPV4, the hash key comprises the source and destination IP addresses and ports. When the system is configured to process IPV6 data, the hash key is larger than it is with IPV4 data because the address data is 128 bits instead of 32. However, the reader should note that embodiments of the invention may operate on connection data of any size or type. Thus, changes in the bit size or protocol definition do not necessarily modify the mechanism for processing data described herein.

Table A shown below illustrates how the addresses and ports may be organized into a set of DWORDs to be used as a hash key. For example, a set of three 32-bit words is appropriate for IPv4. For IPv6, the hash key will be longer, because the addresses are longer. Note that terms "Near" and "Far" addresses may be utilized instead of source and destination address. This allows the same indexing to be used for the Transmitter logic as well as the Receive logic. However, the invention may also utilize source and destination addresses.

TABLE A
Near IP Address
Far IP Address
Near Port # Far Port #

The connection data which represents a hash key is then processed by an appropriate hashing algorithm and associated with a hash vector (e.g., at step 302). In one embodiment of the invention, the hash key is passed through a polynomial hashing operation where the quotient is initialized to all 1's. The output of this operation is referred to in accordance with one embodiment of the invention as a hash vector or index. Thus, an embodiment of the invention utilizes a hash function h(k) that takes a 96-bit key K (composed of 2 IP addresses & port information) and produces an N-bit hash value used to start a table search (e.g., at step 304).

Because the lookup processing is performed in a performance measurement system, the hashing algorithm that is selected must be capable of performing enough lookup processing operations to keep up with the frame rates of a Gigabit+Ethernet network. Therefore, the invention contemplates the use of a hashing algorithm that distributes all incoming keys as evenly as possible over the range of possible hash function values. FIG. 4 illustrates a more detailed view of the process for optimized hashing (e.g., step 302) in accordance with one embodiment of the invention. The degree of the polynomial used by the hashing algorithm at step 302 is chosen in one embodiment of the invention to give the desired range of hash vectors. Thus, the depth of the linked lists associated with the chained hash table is minimized and the efficiency associated with lookup processing is increased.

The performance of the hashing algorithm at step 302 is dependent upon the hashing polynomial that is selected. For instance some polynomials perform better than others. Embodiments of the invention utilize various polynomials and the invention is not limited to a particular polynomial hashing algorithm. The degree of the polynomial that is selected depends upon how many bits are desired in the hash value itself. For a CRC polynomial of order N, the number of unique hash values possible is 2N. In one embodiment of the invention, the polynomial order is approximately ¼ the size of the number of lookups desired (see e.g., step 400). For example, for 2 million connections the maximum size of the lookup table is 2,097,152 (221) therefore the polynomial that would maximize efficiency in one embodiment of the invention would be a polynomial of size 219. The reader should note that although one specific mechanism for selecting polynomials is described, that the invention contemplates the use of polynomials of varying order.

For a polynomial to be utilized in a hash function, the polynomial should be primitive. For degree 19, there are at least 11 primitive polynomials. The polynomials themselves are listed below in octal representation:

Polynomial 1 2000047
Polynomial 2 2020471
Polynomial 3 2013211
Polynomial 4 2570103
Polynomial 5 2561427
Polynomial 6 2227023
Polynomial 7 2001711
Polynomial 8 2331067
Polynomial 9 3146455
Polynomial 10 3610353
Polynomial 11 2766447

In one embodiment of the invention polynomial 7 is viewed as the most effective polynomial. Thus, referring now to FIG. 4, step 400 polynomial 7 might be selected. However, other polynomial hashing algorithms can be incorporated into embodiments of the invention and utilized during lookup processing. For example, the invention also contemplates polynomials where the polynomial order is approximately ¼ the size of the number of lookups desired. Thus, the polynomial that is considered most effective may vary depending upon the number of lookups desired, and on the distribution of connection addresses anticipated in the testing to be done.

When polynomial hashing is utilized the key to be hashed (e.g., a 96-bit key of connection data) is passed through a polynomial division operation (see e.g., steps 402 and 404). The remainder from the division operation becomes the value of the hash function utilized for the table lookup. Polynomial hashing is not typically used during lookup processing because it is a computationally intensive technique when implemented in software form. Thus, hardware implementations using a polynomial-hashing algorithm may be more efficient. Thus, one embodiment of the invention contemplates the use of a computational mechanism similar to a CRC polynomial (e.g., the standard FCS-16) implemented in hardware using pipeline architectures. In such an embodiment, the chosen hashing polynomial is substituted for the FCS16 polynomial. The pipeline architecture enables the hardware embodiment of the invention to efficiently perform lookup processing in spite of the delay imposed by the polynomial operation. The reader should note, however, that software implementations of the invention are also contemplated.

Initiate Search of Values in Hash Vector Table

Once the connection data is utilized as a hash key (e.g., step 402) and passed through the polynomial hashing operation (e.g., step 404), the system initiates a search of the hash vector table (see e.g., step 304). As is typically the case with hash lookup techniques, a process for dealing with collisions must be established.

A collision occurs when more than one key value produces the same value from the chosen hash function. If for instance, two different sets of connection data processed by the hashing algorithm produce the same hash vector (key value) then a collision is said to have occurred. Embodiments of the invention contemplate the use of multiple techniques for handling collisions. One such technique is referred to as open addressing using linear probing. When this technique is utilized, the systems embodying the invention are configured to evaluate the address indicated by the hash function value and test the constant in that location. If the location is empty, (e.g., the value of the hash vector table is zero, step 306) that location may be utilized for the key (e.g., step 310). If that location is not empty, successive locations are evaluated until an empty location is found (e.g., 308) or until a match occurs, in which case the lookup operation is complete. When an empty location is found the stored key is obtained from a free list and stored in the available location.

Another mechanism for handling collisions is referred to as open addressing using double hashing. In this instance, if the address indicated by the hashing function value is already in use, then a second hashing function is used to determine where to look next. A third process for handling collisions involves "chaining". In this method, the hash function points to a vector of pointers to a list of key having the same hash function value.

FIG. 5 illustrates a chained hash table for storing keys generated using a polynomial hash algorithm in accordance with one embodiment of the invention. The hash table 500 contains a number of locations 500-510n (the size of the hash table is variable). Empty locations 501, 502, 504, 505, 506, 508, and 509 represent locations in the hash table that do not contain keys. Locations 500, 503, 507, and 510, represent hash table locations that contain stored keys. Each location that contains stored keys may hold one or more keys. Location 503, for example, contains three keys and locations 507 and 510n contain two keys. Location 500 only contains one key. Embodiments of the invention provide a mechanism for minimizing the number of keys stored in a single location. Specifically, the hashing techniques described herein contains a simple and efficient collision handling that minimizes the number of keys associated with the same address/location in the hash table. The hash table can be configured to store multiple keys (limited by memory size) and methodologies described with respect to step 306, 308, and 310 are utilized to minimize the number of collisions.

Hash Memory Allocation

The following section provides further explanation of the technique utilized in embodiments of the invention to enhance the connection lookup processing speed of a network performance measurement device. Referring back to FIG. 1, the memory (e.g., SDRAM or some other form of memory) of the test device (see e.g., 249), holds the stored keys that are to be looked up via hashing. The format of the stored key held in memory 255 is similar to that of the hash key, but in one embodiment of the invention contains one additional field. Table 2--2 shows the format of the stored key in memory.

TABLE 0-1
Stored Key Format
Near IP Address
Far IP Address
Near Port # Far Point #
Next Key Index

In one embodiment of the invention, memory 255 is SDRAM and has room for 2097152 stored keys. The memory size is thus

2097152*16=33554432 (32 Mbyte)

The first part of SDRAM memory is allocated to a hash pointer table (see e.g., FIG. 5 block 500). There will be 524288 such entries, initially filled with zero (see e.g. blocks 501, 502,504,505, 506, 508, and 509 and/or FIG. 6, block 603). This takes up enough room for 524288/4=131072 stored keys. The remaining SDRAM memory is filled with 2097152-131072=1966080 stored keys. Thus, this configuration is limited to looking up a maximum of 1966080 TCP Connections. The reader should note that varying the memory type or size may increase or decrease the number of stored keys that can be held in memory.

Initially, the stored keys may be linked together into a list that may be referred to as the free list (e.g. 630). A pointer to the first element in the free list may be maintained in the FREE_LIST Register (e.g. 610). The FREE_LIST register may be initialized, in one embodiment of the invention, to 0×20000, pointing to the first stored key past the hash pointer table. The first stored key may therefore have its next key index set to 0×200001, etc. The final stored key in the table would have a next key index of zero. FIG. 6 shows a representation of the hash memory when it is initialized in accordance with one embodiment of the invention.

Hash Memory Lookup

To look up a protocol connection (e.g., a TCP connection), connection data (e.g. 600) is collected from the data packets of a network connection. A connection key is generated (e.g. 610). The connection key is stored in the first element (e.g. 632 and 633) of the free list (e.g. 630). The connection key is passed through the polynomial hashing processor (e.g. 603) to generate a hash vector (to which it is also referred as hash key). The hash vector is used as a lookup key in the hash table (e.g. 650). The result of the lookup in the hash table is an offset into the hash memory that contains the value of a hash pointer.

A hash pointer value of zero (e.g., 652) means that the hash key is encountered for the first time. In this case, the lookup processor stores the new connection key by obtaining an unused stored key from the free list, copying the connection key contents into the stored key, and linking that stored key into the list associated with the hash key. A hash pointer containing a value different from zero means, that the hash key has been encountered at least once--a collision has occurred. The value of the hash key is a pointer to the top of a linked list of stored keys. The lookup processor traverses the linked list matching the value of the connection key with each of the stored keys. If one of the keys results in a match, the lookup is finished. If the linked list is completely traversed without a match, then a new stored key must be added to the linked list for this hash pointer by obtaining an unused stored key from the free list, copying the connection key contents into the stored key, and linking that stored key into the linked list that had been traversed with no match.

When a hash pointer value is zero (e.g., block 652), meaning that the hash vector has been encountered for the first time, the new key should be inserted to become to top of a linked list of stored keys. To insert a new stored key, the value in FREE_LIST register (e.g., 620) is written into the hash pointer (e.g. 652) making the first element of the free list become the top of the linked list of stored keys for the hash key. The content of the next index (e.g. 633) of the first stored key (pointing to the next free stored key e.g. 634) is copied into the FREE_LIST Register (e.g. 620) making the next stored key (e.g. 632) in the free list become the top of the free list. On the other hand, the next index of the first stored key of the linked list of the hash key is set to zero making it the last element of the linked list of stored keys for the hash key.

When a hash pointer contains a value different from zero (e.g., block 654), meaning that the hash key has been previously encountered, the hash pointer points to the top of a linked list containing stored keys. The linked list is traversed matching the connection key with each of the stored keys. If a match is found, the connection key lookup is finished. If no match if found, the new key is added to the linked list. Adding a key to the linked list is done (as previously described) by writing the address of the top element of the free list (new connection key) to the hash pointer making the new stored key the top of the linked list, or by writing the address of the top element of the free list into one of the element of the existing stored keys in the linked list. The next index pointers are also set appropriately to preserve data integrity.

In an embodiment of the invention, when a tracked networked connection is closed, the connection data is used to to compute the hash key (e.g. 603) and lookup the stored key. The hash memory storing the key is recovered by appending the memory to the free list and appropriately setting the next-index pointers in the stored key linked list where the stored key corresponding to the closed connection used to belong.

Hatley, Tom

Patent Priority Assignee Title
10015143, Jun 05 2014 F5 Networks, Inc Methods for securing one or more license entitlement grants and devices thereof
10015286, Jun 23 2010 F5 Networks, Inc. System and method for proxying HTTP single sign on across network domains
10097616, Apr 27 2012 F5 Networks, Inc. Methods for optimizing service of content requests and devices thereof
10122630, Aug 15 2014 F5 Networks, Inc Methods for network traffic presteering and devices thereof
10135831, Jan 28 2011 F5 Networks, Inc. System and method for combining an access control system with a traffic management system
10157280, Sep 23 2009 F5 Networks, Inc System and method for identifying security breach attempts of a website
10182013, Dec 01 2014 F5 Networks, Inc Methods for managing progressive image delivery and devices thereof
10187317, Nov 15 2013 F5 Networks, Inc Methods for traffic rate control and devices thereof
10230566, Feb 17 2012 F5 Networks, Inc Methods for dynamically constructing a service principal name and devices thereof
10375155, Feb 19 2013 F5 Networks, Inc. System and method for achieving hardware acceleration for asymmetric flow connections
10404698, Jan 15 2016 F5 Networks, Inc. Methods for adaptive organization of web application access points in webtops and devices thereof
10505792, Nov 02 2016 F5 Networks, Inc Methods for facilitating network traffic analytics and devices thereof
10505818, May 05 2015 F5 Networks, Inc Methods for analyzing and load balancing based on server health and devices thereof
10721269, Nov 06 2009 F5 Networks, Inc. Methods and system for returning requests with javascript for clients before passing a request to a server
10791088, Jun 17 2016 F5 Networks, Inc Methods for disaggregating subscribers via DHCP address translation and devices thereof
10791119, Mar 14 2017 F5 Networks, Inc.; F5 Networks, Inc Methods for temporal password injection and devices thereof
10797888, Jan 20 2016 F5 Networks, Inc Methods for secured SCEP enrollment for client devices and devices thereof
10812266, Mar 17 2017 F5 Networks, Inc Methods for managing security tokens based on security violations and devices thereof
10834065, Mar 31 2015 F5 Networks, Inc Methods for SSL protected NTLM re-authentication and devices thereof
10931662, Apr 10 2017 F5 Networks, Inc. Methods for ephemeral authentication screening and devices thereof
10972453, May 03 2017 F5 Networks, Inc. Methods for token refreshment based on single sign-on (SSO) for federated identity environments and devices thereof
11044200, Jul 06 2018 F5 Networks, Inc Methods for service stitching using a packet header and devices thereof
11063758, Nov 01 2016 F5 Networks, Inc. Methods for facilitating cipher selection and devices thereof
11070451, Dec 11 2017 Spirent Communications, Inc Method and system for inducing pseudo HTTPS communications between one or more emulated servers and emulated clients to test a device therebetween
11108815, Nov 06 2009 F5 Networks, Inc. Methods and system for returning requests with javascript for clients before passing a request to a server
11122042, May 12 2017 F5 Networks, Inc Methods for dynamically managing user access control and devices thereof
11122083, Sep 08 2017 F5 Networks, Inc; F5 Networks, Inc. Methods for managing network connections based on DNS data and network policies and devices thereof
11178150, Jan 20 2016 F5 Networks, Inc Methods for enforcing access control list based on managed application and devices thereof
11182399, Sep 04 2018 SPIRENT COMMUNICATIONS, INC. Effective correlation of multiple time-series result sets
11343237, May 12 2017 F5 Networks, Inc Methods for managing a federated identity environment using security and access control data and devices thereof
11350254, May 05 2015 F5 Networks, Inc Methods for enforcing compliance policies and devices thereof
11374973, Dec 20 2018 Spirent Communications, Inc Streamlining cryptographic processes in a test environment
11496438, Feb 07 2017 F5, Inc. Methods for improved network security using asymmetric traffic delivery and devices thereof
11658995, Mar 20 2018 F5 Networks, Inc Methods for dynamically mitigating network attacks and devices thereof
11757946, Dec 22 2015 F5 Networks, Inc Methods for analyzing network traffic and enforcing network policies and devices thereof
11824740, Dec 11 2017 SPIRENT COMMUNICATIONS, INC. Method and system for inducing secure communications between one or more emulated servers and emulated clients to test a device therebetween
11838851, Jul 15 2014 F5 Networks, Inc Methods for managing L7 traffic classification and devices thereof
11868360, Sep 04 2018 SPIRENT COMMUNICATIONS, INC. Effective correlation of multiple time-series result sets
11895138, Feb 02 2015 F5 Networks, Inc Methods for improving web scanner accuracy and devices thereof
7443857, Jul 09 2003 Cisco Technology Inc. Connection routing based on link utilization
7490162, May 15 2002 F5 Networks, Inc.; F5 Networks, Inc Method and system for forwarding messages received at a traffic manager
7539176, Apr 02 2004 Cisco Technology Inc. System and method for providing link, node and PG policy based routing in PNNI based ATM networks
7774484, Dec 19 2002 F5 Networks, Inc. Method and system for managing network traffic
7826381, May 30 2008 Spirent Communications, Inc Method and device test data streams bound to emulated devices
7957365, Jul 09 2003 Cisco Technology, Inc. Connection routing based on link utilization
7958387, May 30 2008 Spirent Communications, Inc Realtime test result promulgation from network component test device
7979712, Jul 01 2002 International Business Machines Corporation Network system, server and information terminal for list matching
8117456, Jul 01 2002 International Business Machines Corporation Network system, server and information terminal for list matching
8150957, Dec 19 2002 F5 Networks, Inc. Method and system for managing network traffic
8176164, Dec 19 2002 F5 Networks, Inc. Method and system for managing network traffic
8264972, May 30 2008 Spirent Communications, Inc Method and apparatus for emulating network devices
8418233, Jul 29 2005 F5 Networks, Inc.; F5 Networks, Inc Rule based extensible authentication
8463909, Sep 15 2010 F5 Networks, Inc Systems and methods for managing server resources
8533308, Aug 12 2005 F5 Networks, Inc.; F5 Networks, Inc Network traffic management through protocol-configurable transaction processing
8539062, Dec 19 2002 F5 Networks, Inc. Method and system for managing network traffic
8559313, Feb 01 2006 F5 Networks, Inc. Selectively enabling packet concatenation based on a transaction boundary
8565088, Feb 01 2006 F5 Networks, Inc. Selectively enabling packet concatenation based on a transaction boundary
8566444, Oct 30 2008 F5 Networks, Inc.; F5 Networks, Inc Methods and system for simultaneous multiple rules checking
8576829, Aug 08 2006 Aeroscout, Ltd. Multi-channel TDOA system
8611222, Feb 01 2006 F5 Networks, Inc. Selectively enabling packet concatenation based on a transaction boundary
8627467, Jan 14 2011 F5 Networks, Inc.; F5 Networks, Inc System and method for selectively storing web objects in a cache memory based on policy decisions
8630174, Sep 14 2010 F5 Networks, Inc System and method for post shaping TCP packetization
8645556, May 15 2002 F5 Networks, Inc. Method and system for reducing memory used for idle connections
8675655, Oct 08 2001 WSOU Investments, LLC Method for distributing load over multiple shared resources in a communication network and network applying such a method
8676955, Dec 19 2002 F5 Networks, Inc. Method and system for managing network traffic
8804504, Sep 16 2010 F5 Networks, Inc. System and method for reducing CPU load in processing PPP packets on a SSL-VPN tunneling device
8806053, Apr 29 2008 F5 Networks, Inc. Methods and systems for optimizing network traffic using preemptive acknowledgment signals
8868961, Nov 06 2009 F5 Networks, Inc. Methods for acquiring hyper transport timing and devices thereof
8874783, May 15 2002 F5 Networks, Inc. Method and system for forwarding messages received at a traffic manager
8886981, Sep 15 2010 F5 Networks, Inc.; F5 Networks, Inc Systems and methods for idle driven scheduling
8908545, Jul 08 2010 F5 Networks, Inc. System and method for handling TCP performance in network access with driver initiated application tunnel
8959571, Oct 29 2010 F5 Networks, Inc.; F5 Networks, Inc Automated policy builder
9077554, Mar 21 2000 F5 Networks, Inc. Simplified method for processing multiple connections from the same client
9083760, Aug 09 2010 F5 Networks, Inc Dynamic cloning and reservation of detached idle connections
9106606, Feb 05 2007 F5 Networks, Inc Method, intermediate device and computer program code for maintaining persistency
9130846, Aug 27 2008 F5 Networks, Inc.; F5 Networks, Inc Exposed control components for customizable load balancing and persistence
9141625, Jun 22 2010 F5 Networks, Inc Methods for preserving flow state during virtual machine migration and devices thereof
9172753, Feb 20 2012 F5 Networks, Inc Methods for optimizing HTTP header based authentication and devices thereof
9210177, Jul 29 2005 F5 Networks, Inc. Rule based extensible authentication
9225479, Aug 12 2005 F5 Networks, Inc. Protocol-configurable transaction processing
9231879, Feb 20 2012 F5 Networks, Inc. Methods for policy-based network traffic queue management and devices thereof
9246819, Jun 20 2011 F5 Networks, Inc.; F5 Networks, Inc System and method for performing message-based load balancing
9270766, Dec 30 2011 F5 Networks, Inc Methods for identifying network traffic characteristics to correlate and manage one or more subsequent flows and devices thereof
9292397, May 14 2012 NETLOAD, INC Light-weight method and apparatus for testing network devices and infrastructure
9313047, Nov 06 2009 F5 Networks, Inc. Handling high throughput and low latency network data packets in a traffic management device
9554276, Oct 29 2010 F5 Networks, Inc System and method for on the fly protocol conversion in obtaining policy enforcement information
9614772, Oct 20 2003 F5 Networks, Inc. System and method for directing network traffic in tunneling applications
9647954, Mar 21 2000 F5 Networks, Inc Method and system for optimizing a network by independently scaling control segments and data flow
9832069, May 30 2008 F5 Networks, Inc. Persistence based on server response in an IP multimedia subsystem (IMS)
9967331, Feb 05 2007 F5 Networks, Inc. Method, intermediate device and computer program code for maintaining persistency
9985976, Dec 30 2011 F5 Networks, Inc. Methods for identifying network traffic characteristics to correlate and manage one or more subsequent flows and devices thereof
RE47019, Jul 14 2010 F5 Networks, Inc. Methods for DNSSEC proxying and deployment amelioration and systems thereof
Patent Priority Assignee Title
4588985, Dec 30 1983 International Business Machines Corporation Polynomial hashing
4853928, Aug 28 1987 Agilent Technologies Inc Automatic test generator for logic devices
5838919, Sep 10 1996 IXIA Methods, systems and computer program products for endpoint pair based communications network performance testing
5881237, Sep 10 1996 IXIA Methods, systems and computer program products for test scenario based communications network performance testing
5937165, Sep 10 1996 IXIA Systems, methods and computer program products for applications traffic based communications network performance testing
6034958, Jul 11 1997 Telefonaktiebolaget LM Ericsson VP/VC lookup function
6061725, Sep 10 1996 IXIA Endpoint node systems computer program products for application traffic based communications network performance testing
6397359, Jan 19 1999 JPMORGAN CHASE BANK, N A , AS SUCCESSOR AGENT Methods, systems and computer program products for scheduled network performance testing
6408335, Sep 10 1996 IXIA Methods, systems and computer program products for endpoint pair based communications network performance testing
6457142, Oct 29 1999 WSOU Investments, LLC Method and apparatus for target application program supervision
20010034839,
20020062223,
//
Executed onAssignorAssigneeConveyanceFrameReelDoc
Aug 28 2001HATLEY, TOMSpirent CommunicationsASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS 0127200309 pdf
Aug 30 2001Spirent Communications(assignment on the face of the patent)
Date Maintenance Fee Events
Jun 07 2007REM: Maintenance Fee Reminder Mailed.
Nov 21 2007M1551: Payment of Maintenance Fee, 4th Year, Large Entity.
Nov 21 2007M1554: Surcharge for Late Payment, Large Entity.
May 25 2011M1552: Payment of Maintenance Fee, 8th Year, Large Entity.
May 25 2015M1553: Payment of Maintenance Fee, 12th Year, Large Entity.


Date Maintenance Schedule
Nov 25 20064 years fee payment window open
May 25 20076 months grace period start (w surcharge)
Nov 25 2007patent expiry (for year 4)
Nov 25 20092 years to revive unintentionally abandoned end. (for year 4)
Nov 25 20108 years fee payment window open
May 25 20116 months grace period start (w surcharge)
Nov 25 2011patent expiry (for year 8)
Nov 25 20132 years to revive unintentionally abandoned end. (for year 8)
Nov 25 201412 years fee payment window open
May 25 20156 months grace period start (w surcharge)
Nov 25 2015patent expiry (for year 12)
Nov 25 20172 years to revive unintentionally abandoned end. (for year 12)